Aleksa Sarai (cyphar) accepted request 1003333 from Marcus Rueckert (darix) over 1 year ago (revision 238)

- Update to 1.67.0

• Files Changed
• Browse Source

buildservice-autocommit accepted request 1000774 from Oliver Kurz (okurz) over 1 year ago (revision 237)

baserev update by copy to link target

• Files Changed
• Browse Source

Oliver Kurz (okurz) accepted request 1000524 from Marcus Rueckert (darix) over 1 year ago (revision 236)

- Update to 1.66.0

• Files Changed
• Browse Source

buildservice-autocommit accepted request 994786 from Marcus Rueckert (darix) over 1 year ago (revision 235)

baserev update by copy to link target

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 992239 from Marcus Rueckert (darix) over 1 year ago (revision 234)

- Update to 1.64.0

• Files Changed
• Browse Source

buildservice-autocommit accepted request 991402 from Factory Maintainer (factory-maintainer) almost 2 years ago (revision 233)

baserev update by copy to link target

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 990420 from Marcus Rueckert (darix) almost 2 years ago (revision 232)

- Update to 1.63.1

• Files Changed
• Browse Source

buildservice-autocommit accepted request 989126 from Oliver Kurz (okurz) almost 2 years ago (revision 231)

baserev update by copy to link target

• Files Changed
• Browse Source

Oliver Kurz (okurz) accepted request 986905 from Marcus Rueckert (darix) almost 2 years ago (revision 230)

- Update to 1.62.0

• Files Changed
• Browse Source

buildservice-autocommit accepted request 985628 from Oliver Kurz (okurz) almost 2 years ago (revision 229)

baserev update by copy to link target

• Files Changed
• Browse Source

Oliver Kurz (okurz) accepted request 985625 from Marcus Rueckert (darix) almost 2 years ago (revision 228)

- Update to 1.61.1
  This patch release fixes a security issue regarding URL previews,
  affecting all prior versions of Synapse. Server administrators
  are encouraged to update Synapse as soon as possible. We are not
  aware of these vulnerabilities being exploited in the wild.
  Server administrators who are unable to update Synapse may use
  the workarounds described in the linked GitHub Security Advisory
  below.
  The following issue is fixed in 1.61.1.
  GHSA-22p3-qrh9-cx32 / CVE-2022-31052
  Synapse instances with the url_preview_enabled homeserver config
  option set to true are affected. URL previews of some web pages
  can lead to unbounded recursion, causing the request to either
  fail, or in some cases crash the running Synapse process.
  Requesting URL previews requires authentication. Nevertheless, it
  is possible to exploit this maliciously, either by malicious
  users on the homeserver, or by remote users sending URLs that a
  local user's client may automatically request a URL preview for.
  Homeservers with the url_preview_enabled configuration option set
  to false (the default) are unaffected. Instances with the
  enable_media_repo configuration option set to false are also
  unaffected, as this also disables URL preview functionality.
  Fixed by fa1308061802ac7b7d20e954ba7372c5ac292333.

- force python 3.10 on TW

• Files Changed
• Browse Source

buildservice-autocommit accepted request 982651 from Oliver Kurz (okurz) almost 2 years ago (revision 227)

baserev update by copy to link target

• Files Changed
• Browse Source

Oliver Kurz (okurz) accepted request 982648 from Marcus Rueckert (darix) almost 2 years ago (revision 226)

- Update to 1.61.0
- update the dependencies
  - drop PyNaCL dependency as it is not longer needed
  - refreshed some of the version dependencies to use poetry.lock
    for version numbers instead of the pyproject.toml

• Files Changed
• Browse Source

buildservice-autocommit accepted request 980134 from Marcus Rueckert (darix) almost 2 years ago (revision 225)

baserev update by copy to link target

• Files Changed
• Browse Source

Marcus Rueckert (darix) committed almost 2 years ago (revision 224)

fix date

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 980131 from Marcus Rueckert (darix) almost 2 years ago (revision 223)

- Update to 1.60.0

• Files Changed
• Browse Source

buildservice-autocommit accepted request 978220 from Oliver Kurz (okurz) almost 2 years ago (revision 222)

baserev update by copy to link target

• Files Changed
• Browse Source

Oliver Kurz (okurz) accepted request 977929 from Marcus Rueckert (darix) almost 2 years ago (revision 221)

- Update to 1.59.1

• Files Changed
• Browse Source

buildservice-autocommit accepted request 976930 from Factory Maintainer (factory-maintainer) almost 2 years ago (revision 220)

baserev update by copy to link target

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 975254 from Marcus Rueckert (darix) about 2 years ago (revision 219)

- Update to 1.58.1
  This patch release includes a fix to the Debian packages,
  installing the systemd and cache_memory extra package groups,
  which were incorrectly omitted in v1.58.0. This primarily
  prevented Synapse from starting when the
  systemd.journal.JournalHandler log handler was configured. See
  #12631 for further information.
  Otherwise, no significant changes since 1.58.0.

• Files Changed
• Browse Source